Snort - the de facto standard for intrusion detection/prevention
the de facto standard in IPS  
Got Source? About Snort About Sourcefire Snort FAQ
Sourcefire Network Security - the creators of Snort
Snort News Snort Downloads Snort Rules Snort Docs Snort Training Snort Forums Snort Community Snort Store
Search Site
Search Rules
Account
email
password
not registered?
can't login?
user preferences
next up previous
Next: 4.29 How do I Up: 4 Rules and Alerts Previous: 4.27 How can I

4.28 How can I protect web servers running on ports other than 80?

It is possible... It's a kludge, but it can work. Since the newer rules use the $HTTP_PORTS variable, you simply reset it and re-run the rules for the other ports.

For example: 

    var HTTP_PORTS 80
    include web.rules
    var HTTP_PORTS 8080
    include web.rules


site feedback | Terms of Use | Privacy Policy | forum archives ©2008 Snort and Sourcefire are registered trademarks of Sourcefire, Inc. All rights reserved.